External Control Of System Or Configuration Setting

Taguette is vulnerable to External Control of System or Configuration Setting. The vulnerability is due to improper validation in the password reset functionality, which allows an attacker to craft a malicious reset link that, when clicked by the victim, enables unauthorized control over the...

Open-Xchange App Suite 安全漏洞

Open-Xchange AppSuite is a set of Web cloud desktop environments from Open-Xchange Germany. The environment allows users to manage email, tasks, files, etc. more intuitively. A security vulnerability exists in Open-Xchange App Suite that stems from the processing of POP3 function responses withou...

Open-Xchange OX App Suite 安全漏洞

Open-Xchange OX App Suite is an email and productivity suite client software from Open-Xchange Germany. A security vulnerability exists in Open-Xchange OX App Suite OXAS-BACKEND, which stems from the IMAP function response processing not limiting the size of the response to a reasonable size when...

Kubernetes: Github Account Takeover from Docs page of `kubernetes-csi.github.io`

Report Submission Form Summary: Kubernetes in its docs https://kubernetes-csi.github.io have a drivers list. One of the driver was pointing to an external github account. That github account was not registered on github.com So I was able to takeover the account and host PoC Kubernetes Version: NA...

Unspecified Vulnerability in Mattermost Plugins

Mattermost is a private cloud messaging solution provider. A security vulnerability in Mattermost Plugins can be exploited by an attacker to attach their Mattermost account to another user's GitHub account...